Trend Micro warns of malware in third-party Android app stores

Spread the love

According to Trend Micro, the app stores of parties other than Google are more likely to find malicious apps that gain root access. The company therefore discourages the use of such app stores despite possible benefits.

The security company mentions that third-party app stores are often popular, because apps are available without a region block and because developers regularly offer discounts on the sale price through these stores. However, there would also be risks associated with downloading apps this way. In the Google Play Store, the user can in most cases assume that the downloaded software is safe, but in third-party app stores, there would often be a less strict security policy.

Specifically, Trend Micro mentions the third-party stores Aptoide, Mobogenie, mobile9 and 9apps. According to Trend Micro, malicious apps often impersonate existing popular Google Play apps to increase the chance of a download. The most notable variant of such an app is referred to by the company as androidos_libskin.a, of which more than a thousand can be found in the various third-party app stores. The malicious app is able to gain root access after download, after which the software steals other malware onto the victim’s device undetected. It is then presented to the user as advertisements to trick users into downloading other apps or can be used to collect data.

The malware uses different modules for these two functions, which run silently and automatically in the background. The first module is responsible for gaining root access via right_core.apk and bringing in other malware. The second module takes care of displaying the advertisements at a certain interval, so that the user cannot determine which program is responsible for this. Incidentally, it is not just possible to install apps from third-party app stores. On Android devices, this requires a check mark next to ‘Allow apps from unknown sources’.

Course of an infection

You might also like